When completing an Alphassl certificate install on IIS using the “Complete Certificate Request” you receive the error:

There was an error while performing this operation.

Details:

The requested property value is empty. (Exception from HRESULT: 0x80094004)

Now this is a Typical Microsoft Error in that it really only has meaning to the person who created the error. For us end users stuck in this weird Microsoft world, the error message is trying to tell us that the Certificate you pointed to for the “Complete Certificate Request function in IIS

is pointing to a .CER file that is not valid as a certificate for import.

So at this point it is time to check what certificate you placed in the .CER file that you are trying to import.

Solution

In particular with Alphassl certificates, the process of completing a new certificate request is completed by email. The end of the process involves receiving an email with instructions on how to complete the process of import.

Now if you are anything like me, and you think you know what you are doing having completed this process a few times. You tend to work fast and read instructions later (like an IKEA assembly job). And on several of my certificate install jobs I have made the same error. That being that I read to point 2 above. Click the link which if I read it is obviously to the Root Certificate Install. Then proceed to copy and paste the SHA-256 Certificate into the process and save is as a .cer file, then try to complete the process with that hash.

So basically this is all wrong. The certificate Hash is actually included in the bottom of the email received from Alphassl and that hash from the bottom fo the email is the correct hash to copy and paste to your IIS server and save as a .cer file. It is then this file that you use to complete the process with your IIS “Complete Certificate Request” function. Not the above Root certificate.

RTFM.

There was an error while performing this operation.

Details:

The requested property value is empty. (Exception from HRESULT: 0x80094004)

Outlook 365 Keeps Prompting for Password After August 2017

In August 2017 Microsoft released another version of Outlook for Office 365 for PC that caused a major problem for people connecting to Exchange 2016 servers. This problems is all to do with the AutoDiscovery setup that Outlook uses. Microsoft appear to have set outlook to use their Office 365 servers as an initial point of setup configuration regardless of how you have configured AutoDiscovery.

The bottom line is that outlook keeps trying to authenticate agains office365 and not your own server. While this is a known issue, as of January 2018 it has not been fixed in the next version of Outlook.

The Fix

There are two fixes, and either one should work. We suggest Fix 1

Fix 1

First one involves setting a registry entry on the computer experiencing the issue. To fix this issue, create a text file and copy/paste this text below.

Then save it, and rename it as ExcludeExplicitO365Endpoint.reg and run it (this will import the applicable registry key). ONLY DO THIS if you are using an Exchange On-Premise account, and not a Office365 or hosted exchange account.

Fix 2

The solution I’ve found to work and the only one to stop this annoying popup of “enter your password”, is to downgrade to a lower version of office update.here is a script i wrote, in case you need to push this to several computers.

this will take your office 2016 to update 8326.2107 where this issue doesn’t happen.nothing will show up on the screen, but give it about 10 minutes and restart the computer. check the control panel/ add-remove programs and make sure office is on the new (or actually old…) version.

Here is a link to some helpful information in running this update: https://support.microsoft.com/en-us/help/2770432/how-to-revert-to-an-earlier-version-of-office-2013-or-office-2016-clic

The Fix

Problem is now fixed, and this annoying service is off and will not bother you again.

Know Roaming Review – Should I Use KnowRoaming Mobile

In one word, NO.

But let me explain why we think the reviews we have read online don’t live up to our experience.

Firstly, as someone who professionally travels the entire globe and who is a techno geek, data is one of the most important travel tools these days. To look up and book all sorts of things form AirBnB to Uber,, Google Maps and just staying in contact with loved ones.

Getting Data is really still a huge hassle after all these years. Blackberry had the right idea to provide unlimited global packages for their devices world wide, and I personally cannot wait for Elon Must to get his 4,425 satellites up and running giving global coverage of low orbit satellite based data services. I am surprised that Apple or Google etc have not jumped in and lined up the telcos who are still busy ripping people for global data. They will end up wishing they had global alliances once something else comes online. Anyway I digress.

KnowRoaming has a good idea. They tap into the alliance of roughly 50-60 normal countries that appear to be able to operate in the real world and have some reasonable deals. The countries are sort of the ones you would expect. Basically if the telcos operate in a fair and less regulated environment (read western civilised countries) then they are likely on the list. If the countries government or royal highness owns the telcos or chops the hands of thieves off, then they are probably not on the list. (Read 1/2 the world that operates in dictator chaos).

Among the plans is the All You can Eat $7.99 per day for unlimited data. This was particularly appealing to me as I am often in countries for a short period of time.

Mobile Sticker for Roaming

The device I took was the sticker that you put easily on your sim card that gives your extra function while away form your normal carrier. No problems with the sticker and applying it.

The KnowRoaming App and Service

The issues I have are with the KnowRoaming App. The app controls the management of data access while in other countries. The idea is that you power it up while in the roaming countries and select the plan you wish to use. The failures of the app are this.

1. Unintuitive not user Friendly. – The app needs to install profiles on the iPhone to set up local data access. This part I can handle. Installing profiles are like installing certificates on a phone. A little odd at first, but once you get the idea of it, then not to bad. But the really unfriendly part is that you activate data on the home screen, but the app then needs to download the local roaming profiles to get the plans available locally. At times the connection download rate to get this data is so bad that the app does not find the data you need. Then you are left with an activated connecting that is using your data at a huge rate, and charing you normal crappy connection rates because you have not activated the daily plan. On more than one occasion I used all my credit before I could get a daily rate activated.

Other times I activated the daily plan, only to instantly loose the connection for a period of time. Then to find out that the activation did not take and I was again using all my credit when connection returned.

2. Reliability – Very poor at best. Because of this switching of profiles and presumably the providers of choice in the countries being forced for connection on once activated. I often found I was in a location like an airport with great reception. As soon as I activated the mobile data in the KnowRoaming app, and turned the Roaming Data on in the phone settings, I lost my connection all together to the telcos. No signal. Frustrating as hell when you need to get something done.

3. Data Priority – As you would expect with data roaming services, the telcos in the country you are traveling will give you low priority on their networks for data. This is understandable and even though the services are 3G only and you are most likely connecting to 4 G capable networks, I did find that at peak times (like the time of day you would book an Uber, Taxi, Hotel or AirBnB.) The series is so slow that you can’t get anything done at all. Ping tests 100 times slower than normal connection. Can’t even get to a google home page. Totally useless.

4. Average support – While contacting support gets you reasonably quick responses via email. You do need to have data to get email. What’s APP is free data, which leads the question. Why not enable free data for their APP and offer in app communications. As it stands you need the App to work to get support on getting the App to work. Crazy right!

Support

On the two occasions that I contact support advising that my entire balance had been eaten up in a manner of minutes. I was once refunded the money when I advised that I was a new customer and just did not get the interface for the app to activate the daily plans. And in this I will restate that the App really is not user friendly at all. They really need to force choice options on you as you activate to say… hey use all your credit in minutes or using one of the normal persons options to roam all day.

The other time I experienced the “There Goes All yYour Credit” in a few minutes issue. Was as a result of the loss of connection then subsequent re-connection unbeknown to me a short time later. So my phone sat doing what my phone does, downloading email etc. All the time I believed I had no connection and was waiting to get WiFI access to sort out why I had no carrier signal after activating data.

I contact support with this second credit suck, and they pretty much said.. “Yep there goes your money, here is how to top up again”. As if I would put another cent into a services that just sucked down every penny I just fed it and gave me nothing in return.

So in summary… Reasonable Process, Quick Response to Support, Very Average App, Very Unreliable, at times Unusably Slow, Average Support Response. Stay Away from KnowrRaming.

Note that these are just my experiences and subsequently my opinion of the service. I probably may have had better experiences had I received better support the second time I had major credit suck. I do have work colleagues that use the services and sewer by it, but once bitten twice shy. They had the opportunity to turn me into a happy customer, and it was as simple as a “sorry, here is your credit back”.

Install Disk Cleanup Tools Windows 2012 or Windows 2016 Server.

Installing the function to clean your disk, requires that you install the Desktop Experience module from the Windows Feature list.

Reported Problems

The user reported that outlook was slow to open email, and unresponsive with searching in outlook.

The CTRL right click on the Outlook connection icon (bottom right) showed the connection was made with HTTP

The Problem

It is reported that MAPI over HTTP which is a newer connection method of laterExchange servers and potential better and more reliable for devices connecting has some unreliabilities in some instances with earlier version of Outlook.

Our testing shows that later outlook versions and the Mac versions of outlook have no troubles at all.

The Solution

IN Exchange 2016 it is possible to disable MAPI for a users mailbox. The issue this may have is that they could have other more recent devices such as phones and tablets that are enjoying the advantages of MAPI over HTTP. So rather than turning off MAPI for all their devices at the exchange server end. It is preferable to disable the connection on that users computer only.

This can be easily done using regedit.

Disabling MAPI over HTTP with Regedit

Log on to the proxy client where you installed the agent.

Use the credentials for the Windows account that you defined in the agent properties.

In Windows on the client computer, click Start, and then type regedit in the Search programs and files box.

Press Enter.�

The Registry Editor appears.

Expand HKEY_CURRENT_USER > Software > Microsoft > Exchange.

Right-click Exchange, and then click New > DWORD.�

A new DWORD entry appears in the right pane.

Right-click the new DWORD entry, and then click Rename.

Type MapiHttpDisabled.

Right-click the MapiHttpDisabled entry, and then click Modify.�

The Edit DWORD Value dialog box appears.

In the Value box, type 00000001, and then click OK.

Close the Registry Editor.

Verify that the protocol has been changed to RPC over HTTP.�

Restart Microsoft Outlook.

Press Ctrl and right-click the Microsoft Outlook icon in the notification area at the far right of the task bar.

Click Connection Status.�

The Microsoft Exchange Connection Status dialog box appears.

Verify that the value in the Protocol column is RPC/HTTP.

If the value is HTTP, delete the Microsoft Outlook profile, and then recreate it.

Disable MAPI over HTTP using .reg file.

3. Double open the MAPIoverhttp_disable.reg file and it will add the above change for your.

Disabling MAPI over HTTP using Command Prompt.

1. Click Start RUN

2. Type CMD then hit ENTER.

3. Type or paste: REG.exe Add HKCU\Software\Microsoft\Exchange /V MapiHttpDisabled /T REG_DWORD /D 0x1 /F(Note that the above is one line that may wrap)

Disabling MAPI over HTTP using PowerShaell

We can retrieve the current configuration using the first two commands, whilst the third one disables MAPI/HTTP and the final command enables MAPI/HTTP:Get-Item HKCU:\Software\Microsoft\ExchangeGet-ItemProperty -Path HKCU:\Software\Microsoft\Exchange -Name MapiHttpDisabled | select MapiHttpDisabled | Ft –AutoSizeNew-ItemProperty -Path HKCU:\Software\Microsoft\Exchange -Name MapiHttpDisabled -PropertyType DWORD -Value “0x1” –ForceNew-ItemProperty -Path HKCU:\Software\Microsoft\Exchange -Name MapiHttpDisabled -PropertyType DWORD -Value “0x0” –Force(Note that the above are all one line that may wrap)

Testing When MAPI/HTTP Disabled

For reference, Outlook 2010 connection information is show. Note that MAPI/HTTP is being used:

After disabling MAPI/HTTP using one of the above methods, reg.exe or PowerShell, we can then look to see how Outlook is connecting. Note that you may have to wait for Outlook to perform an Autodiscover request and automatically update itself, or alternatively run a profile repair to force a full Autodiscover. Deleting the Outlook profile would also force the change, but that is not recommend in production unless it is the last resort. Deleting Outlook profiles causes OAB downloads, OST downloads, possibly adding PST files back into the profile and may also impact mobile devices.

In the below screenshot we can se that the client is now kicking it old skool. The protocol type has changed, and there is now a proxy server specified. This was taken after restarting Outlook.

Enabling Via Command Prompt

To allow MAPI/HTTP remove the MapiHttpDisabled DWORD, or set it to a value of 0 as shown below: